Faster joins: only choose locally-created events as prev_events when sending events into a partial-state room.

[reivilibre]

Fixes #14057. Part of #12997.

The idea and rationale is given in #14057, but I'll re-iterate a bit:

Remote homeservers have 'the right' to ask us for the prev_events of any events that we create and send out to them.
As a partially-resident server, we can't track the set of servers in the room and so we don't know whether we're able to divulge any given event to another remote homeserver.

In the response to /send_join when we start our partial join, we receive a list of servers currently in the room at the point of our join event. This join event is therefore safe to divulge to the given list of homeservers, or if it isn't, that's equivalent to the resident homeserver being malicious or buggy and divulging events improperly itself.

We aren't violating any other servers' privacy by divulging our own events (and we know which servers are involved; though communicating that to the user is a separate problem).
If we persist our events in a 'chain' off from that join event, we never enter a situation where we need to divulge a prev_event which is another servers' event.

In practice, we may technically not have a chain but instead a DAG of events.

So, we:

• define a store method to calculate some prev_events for use in a partial-state room;
• use these when creating events; and
• decide upon whether we use the full forward extremities or this partial-state special case, in all instances where get_prev_events is used.

[reivilibre]

Erik suggests another approach revolving around just redacting prev_events when we're not sure we can hand them back. This is discussed in #synapse-dev; I need to have a think about it when I get the chance.

[reivilibre]

Superseded by #14404.